<?php
header('content-type:text/html; charset=utf-8');
@$login=$_REQUEST['login'];
@$password=$_REQUEST['password'];

if(empty($login) || empty($password)){
	header('Refresh:2;url=/denglu.php');
	die('<h3>登录信息不完整</h3><a href="/denglu.php">返回重新登录</a>');
}
$pdo=new PDO('mysql:dbname=mydb','root');
$s=$pdo->prepare('select id,password from user where login=:login');
$s->execute(array('login'=>$login));
$user=$s->fetch(PDO::FETCH_NAMED);
if(empty($user)){
	header('Refresh:2;url=/denglu.php');
	die('<h3>登录名不存在</h3><a>返回重新登录</a>');	
}
if ($user['password']!=$password){
	header('Refresh:2;url=/denglu.php');
	die('<h3>密码错误</h3><a>返回重新登录</a>');
}
unset($user['password']);
$user['login']=$login;
session_start();
$_SESSION['user']=$user;
header('Refresh:2;url=/tongxunlu.php');
die('<h3>登录成功</h3><a>访问主页</a>');